Senior Security Engineer - Red Team

About The Position

Requirements

• Minimum 5 years of hands-on offensive security experience, preferably within Red Team or penetration testing roles.
• Strong familiarity with attack frameworks (e.g., MITRE ATT&CK) and corresponding mitigation strategies.
• Proficient with common Command and Control (C2) frameworks such as Sliver, Mythic, and Cobalt Strike.
• Relevant security certifications such as CRTO (Certified Red Team Operator), OSCP (Offensive Security Certified Professional), or equivalent.
• Demonstrated ability to develop custom offensive tools or scripts to support red team operations.
• Excellent communication skills with the ability to convey complex technical findings to diverse audiences.
• Experience with cloud security assessments (AWS, Azure, GCP) is a plus.
• Strong problem-solving skills and a proactive approach to security challenges.

Nice To Haves

• Knowledge of physical security testing and social engineering tactics.
• Familiarity with scripting languages such as Python, PowerShell, or Bash.
• Experience working in agile or DevSecOps environments.
• Understanding of enterprise network architectures and security controls.

Responsibilities

• Developing and refining internal red team scripts, tools, and methodologies to enhance offensive security operations.
• Research, validate, and exploit known attacks, vulnerabilities, and security weaknesses using custom-built or existing tools.
• Conduct thorough Red Team assessments targeting on-premises infrastructure, cloud environments, and enterprise threat landscapes.
• Identify vulnerabilities across software, systems, networks, and business logic through simulated adversarial tactics.
• Design and execute complex threat emulation scenarios incorporating physical, social engineering, and digital attack vectors.
• Produce detailed, accurate, and actionable reports and presentations tailored for both technical teams and executive leadership.
• Collaborate closely with other security teams to support remediation efforts and improve overall security posture.
• Stay current with emerging threats, attack techniques, and security technologies to continuously evolve red team capabilities.
• Conduct Purple Team exercises in collaboration with partner security teams to identify and improve the organization's security posture.